package org.sninwo.lnbook.book.web.shiro;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.web.filter.authz.AuthorizationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class ShiroAuthzFilter extends AuthorizationFilter {
	static Logger logger = LoggerFactory.getLogger(ShiroAuthzFilter.class);

	/**
	 * 权限控制
	 */
	@Override
	protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
		HttpServletRequest req = (HttpServletRequest) request;
		logger.debug(getUrl(req));
		return true;
	}
	
	private String getUrl(HttpServletRequest req){
		String url = req.getRequestURL().toString();
		if (req.getQueryString() != null){
			url += "?" + req.getQueryString();
		}
		return url;
	}
}
